Google Hangouts Getting Identified when trying to go out of DNS
We have app control applied to our DNS outbound policy.
The app only allows DNS out on the DNS policy
We have noticed in our logs that we see Google.Plus being identified (and blocked) on our DNS policy. Have you guys seen that? Is this common or is there something wrong on my end? Surely, Google isn't trying to tunnel Google Plus out of DNS
A quick Google search (ironic?) didn't yield any immediate clues about the ports that Google Hangouts uses, and for what purposes, but Fortinet devices use port 53 all the time for FortiGuard queries, among other things.
It may not be tunnelling most/all traffic through DNS, but may very well be using the port for a special purpose, name resolution-related or otherwise.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.